It happens dozens of times a day in almost every company. A support agent pastes a full customer ticket -- name, email, account number, the lot -- into ChatGPT to draft a polite reply. A developer drops a stack trace containing internal hostnames and an API key into an LLM chat to debug faster. A salesperson uploads a confidential pricing sheet and asks an assistant to summarise it. None of these people are acting maliciously. They are simply trying to get work done, and the tools that help them do that now live one browser tab away.
The problem is what happens to that data once it leaves the building. Depending on the provider and plan, prompts may be retained, logged, reviewed by humans, or used to train future models. Even where a vendor promises not to train on your inputs, the data has still crossed an organisational boundary you no longer control. For regulated industries, a single pasted record can constitute a reportable GDPR incident. The risk is not theoretical -- it is the default behaviour of well-intentioned employees using genuinely useful tools.
Why Bans Do Not Work
The instinctive response is to block LLM chat tools entirely. In practice this fails twice over. First, it pushes usage underground: people switch to personal devices and personal accounts, removing whatever little visibility you had. Second, it surrenders a real productivity advantage to competitors who found a safer way to say yes. The goal is not to stop people using AI. The goal is to let them use it without leaking anything that matters.
That requires a control sitting between the employee and the LLM -- one that understands what is being sent, can act on it in real time, and does so without adding friction that drives people back to the shadows. This is the role Shield was built to play.
What Shield Is
Shield is a security product that protects how your organisation uses AI chat and other LLM-powered services. It deliberately operates on two layers at once. It delivers passive protection -- continuous monitoring, detection, inline anonymization and full audit visibility that watches and shields without interrupting work -- and active protection -- real-time enforcement, blocking and intervention the moment a genuine threat or leak is detected. Most tools offer one or the other. Shield runs both together, because securing AI chat needs both a layer that observes everything and a layer that can stop something.
Passive Protection: Visibility and Inline Anonymization
The passive layer is what makes AI adoption safe to permit in the first place. It sits inline with prompts as they travel to the model and works quietly in the background:
- Continuous monitoring of every prompt and response across sanctioned LLM tools, so security teams finally know what is actually being sent rather than guessing.
- Detection of sensitive content -- personal data, credentials, source code, financial records, client identifiers -- using pattern matching and context-aware classification rather than crude keyword lists.
- Inline anonymization that rewrites a prompt on the fly: a customer's real name becomes a placeholder, an account number is masked, an API key is stripped. The employee still gets a useful answer; the model never sees the raw value.
- Audit and visibility that records who sent what, when, to which model, and what was redacted -- the evidence trail you need for GDPR accountability and internal review.
The defining feature of the passive layer is that it does not get in the way. Work continues, prompts still flow, and the sensitive parts are quietly handled before they ever leave your control.
Active Protection: Enforcement When It Counts
Anonymization handles the everyday case. But some things should never leave, regardless of how they are phrased. That is where Shield's active layer takes over with real-time enforcement:
- Blocking a prompt outright when it contains data that policy forbids sending to an external model -- a full customer database export, a signed contract, a private encryption key.
- Real-time intervention that warns the user in the moment and offers a compliant alternative, turning a near-miss into a teachable moment instead of an incident report.
- Response when a pattern of risky behaviour or a deliberate exfiltration attempt is detected: alerting the security team, escalating, and applying tighter rules to the session.
- Policy enforcement by role and context, so a legal team and a marketing team can each operate under rules that fit their actual data, not a single blunt company-wide setting.
Passive protection lets you say yes to AI with confidence. Active protection makes sure that yes never becomes a breach. Shield runs both at the same time, on the same prompt, so nothing slips between the two.
What This Looks Like in Practice
Consider the support agent from the opening. With Shield in place, they paste the customer ticket exactly as before. The passive layer detects the personal data and anonymizes it inline -- the model receives a clean, useful version and returns a perfectly good draft reply. The agent never had to think about compliance. Now consider a different employee attempting to paste an entire exported contact list. That crosses a hard line, so the active layer blocks the send, explains why, and points to the approved internal tool for that task. Same product, two layers, two appropriate outcomes.
Want to secure your company's AI chat?
Find out how Shield's passive and active protection work together to keep LLM usage productive and safe. Get in touch with CREBISO to learn more or request a demo.
Talk to CREBISO →More on Shield
Securing AI chat is one part of a broader picture. Explore how the same passive-and-active approach protects your wider environment: